<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Not sure this will help but I provided my configuration for LXD
below. I use Ubuntu so you'd have to translate the configuration
network configuration portions over to RedHat/CentOS. My containers'
configure their own interfaces (static, dhcp, or whatever), LXD
simply defines the interface. These are the basic steps that I do:<br>
<ol>
<li>On the LXD host I setup bridges based on the vlan's that I
want a NIC to connect to. Those vlan interfaces use a bond in
LACP mode. If you don't use vlan's or bond's in your setup then
just create the bridge from a physical Ethernet device.</li>
<li>I then create a profile for each bridge corresponding to a
vlan.</li>
<li>When I create a container I can assign those profiles (one or
multiple) to create the network devices.</li>
<li>Inside the container I configure the network device just like
any other system; physical, VM, container, or otherwise.</li>
</ol>
I do not use LXD managed network devices. All my network devices are
managed by the host operating system. Again, if you don't use vlan's
or bond's then you can jump straight to creating a bridge.<br>
<br>
Here's the details of the steps:<br>
<br>
Step 1:<br>
Create the network devices that the LXD containers will use.<br>
<br>
<tt>lxcuser@blllxc02:~$ cat
/etc/network/interfaces.d/01-physical-network.device </tt><tt><br>
</tt><tt># This file contains the physical NIC definitions.</tt><tt><br>
</tt><tt><br>
</tt><tt>############################</tt><tt><br>
</tt><tt># PHYSICAL NETWORK DEVICES #</tt><tt><br>
</tt><tt>############################</tt><tt><br>
</tt><tt><br>
</tt><tt># Primary services interface.</tt><tt><br>
</tt><tt>auto enp3s0</tt><tt><br>
</tt><tt>iface enp3s0 inet manual</tt><tt><br>
</tt><tt> bond-master bond-services</tt><tt><br>
</tt><tt><br>
</tt><tt># Secondary services interface.</tt><tt><br>
</tt><tt>auto enp4s0</tt><tt><br>
</tt><tt>iface enp4s0 inet manual</tt><tt><br>
</tt><tt> bond-master bond-services</tt><tt><br>
</tt><tt><br>
</tt><tt>lxcuser@blllxc02:~$ cat
/etc/network/interfaces.d/02-bonded.device </tt><tt><br>
</tt><tt># This file is used to create network bonds.</tt><tt><br>
</tt><tt><br>
</tt><tt>##################</tt><tt><br>
</tt><tt># BONDED DEVICES #</tt><tt><br>
</tt><tt>##################</tt><tt><br>
</tt><tt><br>
</tt><tt># Services bond device.</tt><tt><br>
</tt><tt>auto bond-services</tt><tt><br>
</tt><tt>iface bond-services inet manual</tt><tt><br>
</tt><tt> bond-mode 4</tt><tt><br>
</tt><tt> bond-miimon 100</tt><tt><br>
</tt><tt> bond-lacp-rate 1</tt><tt><br>
</tt><tt> bond-slaves enp3s0 enp4s0</tt><tt><br>
</tt><tt> bond-downdelay 400</tt><tt><br>
</tt><tt> bond-updelay 800</tt><tt><br>
</tt><tt><br>
</tt><tt>lxcuser@blllxc02:~$ cat
/etc/network/interfaces.d/03-vlan-raw.device </tt><tt><br>
</tt><tt># This file creates raw vlan devices.</tt><tt><br>
</tt><tt><br>
</tt><tt>####################</tt><tt><br>
</tt><tt># RAW VLAN DEVICES #</tt><tt><br>
</tt><tt>####################</tt><tt><br>
</tt><tt><br>
</tt><tt># Tagged traffic on bond-services for VLAN 28</tt><tt><br>
</tt><tt>auto vlan0028</tt><tt><br>
</tt><tt>iface vlan0028 inet manual</tt><tt><br>
</tt><tt> vlan-raw-device bond-services</tt><tt><br>
</tt><tt><br>
</tt><tt># Tagged traffic on bond-services for VLAN 36</tt><tt><br>
</tt><tt>auto vlan0036</tt><tt><br>
</tt><tt>iface vlan0036 inet manual</tt><tt><br>
</tt><tt> vlan-raw-device bond-services</tt><tt><br>
</tt><tt><br>
</tt><tt># Tagged traffic on bond-services for VLAN 40</tt><tt><br>
</tt><tt>auto vlan0040</tt><tt><br>
</tt><tt>iface vlan0040 inet manual</tt><tt><br>
</tt><tt> vlan-raw-device bond-services</tt><tt><br>
</tt><tt>...</tt><tt><br>
</tt><tt><br>
</tt><tt>lxcuser@blllxc02:~$ cat
/etc/network/interfaces.d/04-bridge.device </tt><tt><br>
</tt><tt># This file creates network bridges.</tt><tt><br>
</tt><tt><br>
</tt><tt>##################</tt><tt><br>
</tt><tt># BRIDGE DEVICES #</tt><tt><br>
</tt><tt>##################</tt><tt><br>
</tt><tt><br>
</tt><tt># Bridged interface for VLAN 28.</tt><tt><br>
</tt><tt>auto vbridge-28</tt><tt><br>
</tt><tt>iface vbridge-28 inet manual</tt><tt><br>
</tt><tt> bridge_ports vlan0028</tt><tt><br>
</tt><tt> bridge_stp off</tt><tt><br>
</tt><tt> bridge_fd 0</tt><tt><br>
</tt><tt> bridge_maxwait 0</tt><tt><br>
</tt><tt><br>
</tt><tt># Bridged interface for VLAN 36.</tt><tt><br>
</tt><tt>auto vbridge-36</tt><tt><br>
</tt><tt>iface vbridge-36 inet manual</tt><tt><br>
</tt><tt> bridge_ports vlan0036</tt><tt><br>
</tt><tt> bridge_stp off</tt><tt><br>
</tt><tt> bridge_fd 0</tt><tt><br>
</tt><tt> bridge_maxwait 0</tt><tt><br>
</tt><tt><br>
</tt><tt># Bridged interface for VLAN 40.</tt><tt><br>
</tt><tt>auto vbridge-40</tt><tt><br>
</tt><tt>iface vbridge-40 inet manual</tt><tt><br>
</tt><tt> bridge_ports vlan0040</tt><tt><br>
</tt><tt> bridge_stp off</tt><tt><br>
</tt><tt> bridge_fd 0</tt><tt><br>
</tt><tt> bridge_maxwait 0</tt><tt><br>
</tt><tt><br>
</tt>Step 2:<tt><br>
</tt>Create profiles for the network devices. Technically not
required but helps to setup new containers much more quickly.<tt><br>
<br>
</tt><tt>lxcuser@blllxc02:~$ lxc profile list</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| NAME | USED BY |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 1500_vlan_dns_dhcp | 5 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 28_vlan_virt_mgmt | 15 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 40_vlan_ext_core_svc | 0 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 44_vlan_ext_svc | 4 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 48_vlan_ext_cloud | 0 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 80_vlan_int_core_svc | 2 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 84_vlan_int_svc | 4 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 88_vlan_int_cloud | 0 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| 92_vlan_storage | 0 |</tt><tt><br>
</tt><tt>+----------------------+---------+</tt><tt><br>
</tt><tt>| default | 15 |</tt><tt><br>
</tt><tt>+----------------------+---------+<br>
<br>
lxcuser@blllxc02:~$ lxc profile show 28_vlan_virt_mgmt<br>
config: {}<br>
description: ""<br>
devices:<br>
mgmt_net:<br>
name: veth-mgmt<br>
nictype: bridged<br>
parent: vbridge-28<br>
type: nic<br>
name: 28_vlan_virt_mgmt<br>
<br>
</tt>Step 3:<br>
Create the container with the correct profile(s) to add the network
device(s) to the container.<br>
<br>
<tt><tt>lxcuser@blllxc02:~$ </tt>lxc init -p default -p
28_vlan_virt_mgmt -p 44_vlan_ext_svc ubuntu:18.04 bllmail02</tt><br>
<br>
Step 4:<br>
Connect to the container and setup the interface the same way you
setup any other system. The example below is set to manual but just
change to however you want to setup your device.<br>
<br>
<tt>lxcuser@blllxc02:~$ lxc exec bllmail02 -- cat
/etc/network/interfaces.d/51-container-network.device</tt><tt><br>
</tt><tt>auto veth-mgmt</tt><tt><br>
</tt><tt>iface veth-mgmt inet manual</tt><tt><br>
...<br>
<br>
auto veth-ext-svc<br>
iface veth-ext-svc inet manual<br>
...<br>
</tt><tt> </tt><br>
<tt>lxcuser@blllxc02:~$ lxc exec bllmail02 -- ip link show veth-mgmt</tt><tt><br>
</tt><tt>316: veth-mgmt@if317:
<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP mode DEFAULT group default qlen 1000</tt><tt><br>
</tt><tt> link/ether 00:16:3e:f6:e5:ec brd ff:ff:ff:ff:ff:ff
link-netnsid 0</tt><tt><br>
</tt><tt>lxcuser@blllxc02:~$ lxc exec bllmail02 -- ip -4 addr show
veth-mgmt</tt><tt><br>
</tt><tt>316: veth-mgmt@if317:
<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP group default qlen 1000 link-netnsid 0</tt><tt><br>
</tt><tt> inet 10.2.28.129/22 brd 10.2.31.255 scope global
veth-mgmt</tt><tt><br>
</tt><tt> valid_lft forever preferred_lft forever<br>
<br>
lxcuser@blllxc02:~$ lxc exec bllmail02 -- ip link show
veth-ext-svc<br>
314: veth-ext-svc@if315: <BROADCAST,MULTICAST,UP,LOWER_UP>
mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen
1000<br>
link/ether 00:16:3e:21:ac:dc brd ff:ff:ff:ff:ff:ff
link-netnsid 0<br>
lxcuser@blllxc02:~$ lxc exec bllmail02 -- ip -4 addr show
veth-ext-svc<br>
314: veth-ext-svc@if315: <BROADCAST,MULTICAST,UP,LOWER_UP>
mtu 1500 qdisc noqueue state UP group default qlen 1000
link-netnsid 0<br>
inet 192.41.41.85/26 brd 192.41.41.127 scope global
veth-ext-svc<br>
valid_lft forever preferred_lft forever<br>
</tt><tt></tt>
<pre class="moz-signature" cols="0">--
Thanks,
Joshua Schaeffer</pre>
</body>
</html>